From 5816453976a59fc0096800c966925c8cf4aa4c75 Mon Sep 17 00:00:00 2001 From: Mathias Brunkow Moser Date: Fri, 21 Jun 2024 17:23:44 +0200 Subject: [PATCH] fix: fixed bug with the credetials configuration --- .../core/http/controllers/AppController.java | 13 +--- .../verification/config/CDCConfig.java | 17 ++--- .../config/VerificationConfig.java | 7 -- .../api/VerificationController.java | 4 +- .../manager/VerificationManager.java | 11 ++- .../models/CertifiedDataCredential.java | 69 ------------------ .../models/VerifiableCredential.java | 71 ------------------- .../verification/services/WalletService.java | 7 +- .../src/main/java/utils/JsonUtil.java | 22 ++++++ .../src/test/resources/application-test.yml | 18 +++++ 10 files changed, 60 insertions(+), 179 deletions(-) delete mode 100644 dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/models/CertifiedDataCredential.java delete mode 100644 dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/models/VerifiableCredential.java diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/http/controllers/AppController.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/http/controllers/AppController.java index bf56adb5a..6823be134 100644 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/http/controllers/AppController.java +++ b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/core/http/controllers/AppController.java @@ -59,7 +59,6 @@ import org.eclipse.tractusx.digitalproductpass.core.exceptions.ControllerException; import org.eclipse.tractusx.digitalproductpass.verification.config.VerificationConfig; import org.eclipse.tractusx.digitalproductpass.verification.manager.VerificationManager; -import org.eclipse.tractusx.digitalproductpass.verification.models.CertifiedDataCredential; import org.eclipse.tractusx.digitalproductpass.verification.models.VerificationInfo; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.env.Environment; @@ -246,7 +245,7 @@ public Response getDigitalTwin(@RequestBody Object body, @PathVariable String pr // Verification Add-on Functionality if(this.verificationConfig.getEnabled()) { - String path = this.verificationManager.setVerificationStatus(processId, subModel, bpn); + String path = verificationManager.setVerificationStatus(processId, subModel, bpn); if(path == null){ processManager.setStatus(processId, "verification-check-failed", new History( subModel.getIdentification(), @@ -353,16 +352,8 @@ public Response endpoint(@RequestBody Object body, @PathVariable String processI VerificationInfo verificationInfo = status.getVerification(); if(verificationInfo.vc){ - CertifiedDataCredential certifiedDataCredential = jsonUtil.bind(passport, new TypeReference<>(){}); - if(certifiedDataCredential == null){ - verificationInfo.setVerified(false); - verificationInfo.setError("It was not possible to parse the verifiable credential as a Certified Data Credential!"); - verificationManager.setVerificationInfo(processId, verificationInfo); - return this.savePassport(processId, endpointData, passport); - } - - verificationInfo = verificationManager.buildVerification(certifiedDataCredential, verificationInfo); + verificationInfo = verificationManager.buildVerification(passport, verificationInfo); } verificationManager.setVerificationInfo(processId, verificationInfo); diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/config/CDCConfig.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/config/CDCConfig.java index 9f7fd2b93..66ca4eef1 100644 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/config/CDCConfig.java +++ b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/config/CDCConfig.java @@ -32,23 +32,24 @@ @Configuration public class CDCConfig { - List semanticIds; + List semanticIdKeys; - public CDCConfig(List semanticIds) { - this.semanticIds = semanticIds; + public CDCConfig() { } - public CDCConfig() { + public CDCConfig(List semanticIdKeys) { + this.semanticIdKeys = semanticIdKeys; } - public List getSemanticIds() { - return semanticIds; + public List getSemanticIdKeys() { + return semanticIdKeys; } - public void setSemanticIds(List semanticIds) { - this.semanticIds = semanticIds; + public void setSemanticIdKeys(List semanticIdKeys) { + this.semanticIdKeys = semanticIdKeys; } + public static class SemanticKey { String key; String value; diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/config/VerificationConfig.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/config/VerificationConfig.java index 4eacd2a95..523896262 100644 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/config/VerificationConfig.java +++ b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/config/VerificationConfig.java @@ -43,19 +43,12 @@ public class VerificationConfig { Boolean enabled; Boolean autoVerify; WalletConfig wallet; - CDCConfig certifiedDataCredential; /** * CONSTRUCTOR(S) **/ - public VerificationConfig(Boolean enabled, Boolean autoVerify, WalletConfig wallet) { - this.enabled = enabled; - this.autoVerify = autoVerify; - this.wallet = wallet; - } - public VerificationConfig() { } diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/http/controllers/api/VerificationController.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/http/controllers/api/VerificationController.java index d6c8cdc88..e64963394 100644 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/http/controllers/api/VerificationController.java +++ b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/http/controllers/api/VerificationController.java @@ -40,7 +40,6 @@ import org.eclipse.tractusx.digitalproductpass.core.models.http.Response; import org.eclipse.tractusx.digitalproductpass.core.services.AuthenticationService; import org.eclipse.tractusx.digitalproductpass.verification.config.VerificationConfig; -import org.eclipse.tractusx.digitalproductpass.verification.models.CertifiedDataCredential; import org.eclipse.tractusx.digitalproductpass.verification.services.WalletService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.env.Environment; @@ -49,6 +48,7 @@ import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; import utils.HttpUtil; +import utils.JsonUtil; import java.awt.print.Book; @@ -89,7 +89,7 @@ public class VerificationController { @ApiResponse(description = "If the user is not authorized", responseCode = "401", content = @Content(mediaType = "application/json", schema = @Schema(implementation = Response.class))) }) - public Response verify(@io.swagger.v3.oas.annotations.parameters.RequestBody(description="Verifiable Credential with JsonWebSignature2020 proof type",content=@Content(mediaType="application/vc+ld+json", schema=@Schema(ref = "#/components/schemas/CertifiedDataCredential")), required = true) @RequestBody CertifiedDataCredential credential) { + public Response verify(@io.swagger.v3.oas.annotations.parameters.RequestBody(description="Verifiable Credential with JsonWebSignature2020 proof type",content=@Content(mediaType="application/vc+ld+json", schema=@Schema(ref = "#/components/schemas/CertifiedDataCredential")), required = true) @RequestBody JsonNode credential) { Response response = httpUtil.getInternalError(); if (!authService.isAuthenticated(httpRequest)) { response = httpUtil.getNotAuthorizedResponse(); diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/manager/VerificationManager.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/manager/VerificationManager.java index 1a5191a49..12120bcf1 100644 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/manager/VerificationManager.java +++ b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/manager/VerificationManager.java @@ -37,9 +37,7 @@ import org.eclipse.tractusx.digitalproductpass.core.models.manager.Status; import org.eclipse.tractusx.digitalproductpass.verification.config.CDCConfig; import org.eclipse.tractusx.digitalproductpass.verification.config.VerificationConfig; -import org.eclipse.tractusx.digitalproductpass.verification.models.CertifiedDataCredential; import org.eclipse.tractusx.digitalproductpass.verification.models.Proof; -import org.eclipse.tractusx.digitalproductpass.verification.models.VerifiableCredential; import org.eclipse.tractusx.digitalproductpass.verification.models.VerificationInfo; import org.eclipse.tractusx.digitalproductpass.verification.services.WalletService; import org.springframework.beans.factory.annotation.Autowired; @@ -66,7 +64,6 @@ public class VerificationManager { private FileUtil fileUtil; @Autowired private ProcessManager processManager; - @Autowired private WalletService walletService; @Autowired @@ -194,9 +191,11 @@ public String setVerificationInfo(String processId, VerificationInfo verificatio } } public Boolean isVerifiableCredential(SubModel subModel){ - CDCConfig cdcConfig = verificationConfig.getCertifiedDataCredential(); - List keys = cdcConfig.getSemanticIds(); + if(cdcConfig == null){ + throw new ManagerException(this.getClass().getName()+".isVerifiableCredential", "No Certified Data Credential configuration available!"); + } + List keys = cdcConfig.getSemanticIdKeys(); if(keys == null){ return null; @@ -250,7 +249,7 @@ public String extractBPNFromIssuer(String issuer){ return bpn; } - public VerificationInfo buildVerification(CertifiedDataCredential verifiableCredential, VerificationInfo verificationInfo){ + public VerificationInfo buildVerification(JsonNode verifiableCredential, VerificationInfo verificationInfo){ JsonNode response = walletService.verifyCredential(verifiableCredential); boolean verified = false; String message = "An unexpected error occurred while verifying!"; diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/models/CertifiedDataCredential.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/models/CertifiedDataCredential.java deleted file mode 100644 index 7d439b91d..000000000 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/models/CertifiedDataCredential.java +++ /dev/null @@ -1,69 +0,0 @@ -/********************************************************************************* - * - * Tractus-X - Digital Product Pass Application - * - * Copyright (c) 2022, 2024 BMW AG, Henkel AG & Co. KGaA - * Copyright (c) 2022, 2024 CGI Deutschland B.V. & Co. KG - * Copyright (c) 2022, 2024 Contributors to the Eclipse Foundation - * - * - * See the NOTICE file(s) distributed with this work for additional - * information regarding copyright ownership. - * - * This program and the accompanying materials are made available under the - * terms of the Apache License, Version 2.0 which is available at - * https://www.apache.org/licenses/LICENSE-2.0. - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, - * either express or implied. See the - * License for the specific language govern in permissions and limitations - * under the License. - * - * SPDX-License-Identifier: Apache-2.0 - ********************************************************************************/ - -package org.eclipse.tractusx.digitalproductpass.verification.models; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.databind.JsonNode; -import lombok.*; -import lombok.experimental.SuperBuilder; -import lombok.extern.jackson.Jacksonized; - -import java.util.List; - -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonInclude(JsonInclude.Include.NON_NULL) -@SuperBuilder -@NoArgsConstructor -@AllArgsConstructor -@Jacksonized -@Getter -public class CertifiedDataCredential extends VerifiableCredential { - - @JsonProperty("parent") - public Parent parent; - - @JsonIgnoreProperties(ignoreUnknown = true) - @JsonInclude(JsonInclude.Include.NON_NULL) - @SuperBuilder - @NoArgsConstructor - @AllArgsConstructor - @Jacksonized - @Data - @Getter - public static class Parent{ - @JsonProperty("@id") - public String id; - @JsonProperty("checksum") - public String checksum; - } - - @JsonProperty("semanticId") - public String semanticId; - -} diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/models/VerifiableCredential.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/models/VerifiableCredential.java deleted file mode 100644 index 968435f78..000000000 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/models/VerifiableCredential.java +++ /dev/null @@ -1,71 +0,0 @@ -/********************************************************************************* - * - * Tractus-X - Digital Product Pass Application - * - * Copyright (c) 2022, 2024 BMW AG, Henkel AG & Co. KGaA - * Copyright (c) 2022, 2024 CGI Deutschland B.V. & Co. KG - * Copyright (c) 2022, 2024 Contributors to the Eclipse Foundation - * - * - * See the NOTICE file(s) distributed with this work for additional - * information regarding copyright ownership. - * - * This program and the accompanying materials are made available under the - * terms of the Apache License, Version 2.0 which is available at - * https://www.apache.org/licenses/LICENSE-2.0. - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, - * either express or implied. See the - * License for the specific language govern in permissions and limitations - * under the License. - * - * SPDX-License-Identifier: Apache-2.0 - ********************************************************************************/ - -package org.eclipse.tractusx.digitalproductpass.verification.models; - -import com.fasterxml.jackson.annotation.JsonIgnoreProperties; -import com.fasterxml.jackson.annotation.JsonInclude; -import com.fasterxml.jackson.annotation.JsonProperty; -import com.fasterxml.jackson.databind.JsonNode; -import lombok.*; -import lombok.experimental.SuperBuilder; -import lombok.extern.jackson.Jacksonized; - -import java.util.List; - -@JsonIgnoreProperties(ignoreUnknown = true) -@JsonInclude(JsonInclude.Include.NON_NULL) -@NoArgsConstructor -@AllArgsConstructor -@Jacksonized -@Data -@SuperBuilder -@Getter -public class VerifiableCredential { - - @JsonProperty("id") - public String id; - - @JsonProperty("@context") - public List context; - - @JsonProperty("type") - public List type; - - @JsonProperty("credentialSubject") - public JsonNode credentialSubject; - - @JsonProperty("issuer") - public String issuer; - @JsonProperty("validFrom") - public String validFrom; - @JsonProperty("validUntil") - public String validUntil; - - @JsonProperty("proof") - public Proof proof; - -} diff --git a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/services/WalletService.java b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/services/WalletService.java index 579aa47fd..db9499203 100644 --- a/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/services/WalletService.java +++ b/dpp-backend/digitalproductpass/src/main/java/org/eclipse/tractusx/digitalproductpass/verification/services/WalletService.java @@ -36,7 +36,7 @@ import org.eclipse.tractusx.digitalproductpass.core.services.VaultService; import org.eclipse.tractusx.digitalproductpass.verification.config.VerificationConfig; import org.eclipse.tractusx.digitalproductpass.verification.config.WalletConfig; -import org.eclipse.tractusx.digitalproductpass.verification.models.CertifiedDataCredential; +import org.sonarsource.scanner.api.internal.shaded.minimaljson.Json; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.env.Environment; import org.springframework.http.HttpHeaders; @@ -174,11 +174,8 @@ public Boolean checkHealth(){ * @return a {@code Map} map object with the irs first response * @throws ServiceException if unable to start the verification process */ - public JsonNode verifyCredential(CertifiedDataCredential verifiableCredential) { + public JsonNode verifyCredential(JsonNode verifiableCredential) { try { - System.out.println("Verifying credential:"); - System.out.println(jsonUtil.toJson(verifiableCredential, true)); - this.checkEmptyVariables(); String url = this.walletUrl + this.verifyEndpoint; HttpHeaders headers = httpUtil.getHeadersWithApiKey(this.apiKey); diff --git a/dpp-backend/digitalproductpass/src/main/java/utils/JsonUtil.java b/dpp-backend/digitalproductpass/src/main/java/utils/JsonUtil.java index 6c1e5cc7b..4d382ce85 100644 --- a/dpp-backend/digitalproductpass/src/main/java/utils/JsonUtil.java +++ b/dpp-backend/digitalproductpass/src/main/java/utils/JsonUtil.java @@ -91,6 +91,28 @@ public Object loadJson(String jsonString, Class classType){ } } + /** + * Loads the JSON file from the given file path and maps it to an object. + *

+ * @param jsonString + * the path representation to the target JSON file as a String. + * @param reference + * the class type to map the json structure from the file to an object. + * + * @return a {@code Object} object mapped with the json file structure. + * + * @throws UtilException + * if unable to load the JSON file. + */ + public T loadJson(String jsonString, TypeReference reference){ + try { + ObjectMapper mapper = new ObjectMapper(); + return mapper.readValue(jsonString, reference); + } catch (Exception e) { + throw new UtilException(JsonUtil.class, "I was not possible to load JSON in object -> [" + e.getMessage() + "]"); + } + } + /** * Loads the JSON file from the given file path as a String. *

diff --git a/dpp-backend/digitalproductpass/src/test/resources/application-test.yml b/dpp-backend/digitalproductpass/src/test/resources/application-test.yml index 27ae2788d..eb6535956 100644 --- a/dpp-backend/digitalproductpass/src/test/resources/application-test.yml +++ b/dpp-backend/digitalproductpass/src/test/resources/application-test.yml @@ -132,6 +132,24 @@ configuration: maxRetries: 30 delay: 1000 + verification: + enabled: true + autoVerify: true + wallet: + url: "https://dpp-consumer-wallet.int.demo.catena-x.net" + endpoints: + health: "/health" + verify: "/verify" + + certifiedDataCredential: + semanticIdKeys: + - key: "Entity" + value: "https://www.w3.org/ns/credentials/v2" + - key: "DataElement" + value: "urn:samm:io.catenax.dpp_verification.cdc:1.0.0#CertifiedDataCredential" + - key: "Operation" + value: "https://w3c.github.io/vc-jws-2020/contexts/v1/" + process: store: true dir: 'process'